Cyber Incident Victim: Brendon Gyermekruhz Kft.

On December 19, 2020, Brendon Gyermekáruház Kft., a Hungarian retailer specializing in baby clothing, detected a cyberattack affecting its IT systems. The company confirmed through investigation that attackers deployed Zeppelin ransomware, which successfully bypassed both firewall protections and antivirus software. This intrusion caused immediate operational disruptions, rendering customer accounts inaccessible and halting online shopping functionality for an unspecified period. Attackers gained unauthorized access to user data stored within the compromised systems, though the specific types or volume of data were not disclosed in the notification. Brendon acknowledged the incident in an email sent to customers on an unspecified Wednesday following the attack discovery, confirming both the system compromise and potential acquisition of customer data by threat actors.

The company restored its webshop functionality after addressing the technical disruption, though its public website notification initially described the incident only as a resolved "technical error" without referencing the cyberattack. This contrasted with the direct disclosure in customer emails, which explicitly attributed the outage to malicious activity and warned of potential data exposure. Brendon instructed customers who registered accounts prior to December 19 to change their passwords before logging back into the system. No details were provided regarding ransom demands, payment, or data recovery processes. The incident caused reputational impact through customer exposure to potential data misuse and revealed inconsistencies between internal and external breach communications.